Efficient Hierarchical Data Access Control for Resource-Limited Users in Cloud-Based e-Health

Abstract

Recently, the rapid development of Internet of things (IoT) and cloud computing technologies has greatly facilitated the electronic healthcare (eHealth) application. The widely deployed eHealth will significantly benefit for and bring convenience to people. However, there exist a large number of problems about data security and user privacy in eHealth. Although as one of the most promising technique, ciphertext-policy attribute-based encryption (CP-ABE) can provide fine-grained access control for data security in eHealth, there are still many drawbacks which impede the direct adoption of conventional CP-ABE. On the one hand, the personal health records (PHRs) in eHealth usually have hierarchical structures which are not compatible with access policies of conventional CP-ABE. On the other hand, the access policies in encrypted PHRs usually consist of much sensitive health-aware privacy information. Moreover, the high computation overhead also extremely hinders resource-limited users in eHealth. To solve these problems, we propose HPEH, a hierarchical policy-hiding eHealth access control system which is suitable for resource-limited users and privacy-aware access policies with hierarchical PHRs in eHealth. Specifically, in HPEH, we preserve the privacy of access policies by hiding only attribute values rather than attribute names. HPEH realizes hierarchical PHR encryption using integrated access structure and efficient PHR decryption with decryption test and outsourced decryption. In addition, HPEH introduces time-limit technique to provide more fine-grained access control for various requests. The security analysis and performance complexity evaluation indicate that HPEH is secure and efficient and is suitable for eHealth.